<?php

class Membership
{
	function validate_user($un, $pwd)
  {
    $url = BASE_URL;

    $un  = strtolower($un);
    $pwd = strtolower($pwd);

	  if ($un == "nancy" && $pwd == "1234any_body")
    {
			$_SESSION['status']   = 'authorized';
      $_SESSION['user_ID']  = 0;
      $_SESSION['voornaam'] = "Admin";
      $_SESSION['email']    = "Admin";

			header("location: $url");
		}
    else
    {
      $query = 'SELECT * FROM leden WHERE voornaam="'.$un.'" AND email="'.$pwd.'" LIMIT 1';
      $result = mysql_query($query);

      if ($row = mysql_fetch_assoc($result))
      {
        $_SESSION['status']   = 'lid';
        $_SESSION['user_ID']  = $row['ID'];
        $_SESSION['voornaam'] = $un;
        $_SESSION['email']    = $pwd;

        header("location: $url");
      }
    }
    
    return "Uw Naam of E-Mail adres staat niet in ons ledenbestand.";
	}

	function validate_admin($un, $pwd)
  {
    $url = BASE_URL;

    $un  = strtolower($un);
    $pwd = strtolower($pwd);

	  if ($un == "nancy" && $pwd == "1234any_body")
    {
      $this->logout();

			$_SESSION['status'] = 'authorized';
      
			header("location: $url/admin/");
		}
    else 
    {
      return "Uw gegevens kloppen niet.";
		}
	}

	function logout() 
  {
		if (isset($_SESSION['status'])) 
    {
			unset($_SESSION['status']);
			
			if (isset($_COOKIE[session_name()]))
				setcookie(session_name(), '', time() - 1000);
				session_destroy();
		}
	}
	
	function confirm_member()
  {
    $url = BASE_URL;
		session_start();
    
		if($_SESSION['status'] != 'lid' && $_SESSION['status'] != 'authorized')
      header("location: $url/login.php");
	}

	function confirm_admin() 
  {
    $url = BASE_URL;
		session_start();
    
		if($_SESSION['status'] !='authorized')
      header("location: $url/admin/login.php");
	}
}

?>